package com.httputils;

import java.io.ByteArrayInputStream;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;

import android.content.Context;
import android.content.pm.PackageInfo;
import android.content.pm.PackageManager;
import android.content.pm.Signature;

public class PackageUtil {

	/***
	 * 获取签名信息
	 * @param cxt
	 * @return
	 */
	public static String[] getCertMsg(String packageName, Context cxt) {
		String[] certMsg = new String[2];
		PackageInfo pis;
		try {
			pis = cxt.getPackageManager().getPackageInfo(cxt.getPackageName(),
					PackageManager.GET_SIGNATURES);
			Signature[] sigs = pis.signatures; // 签名
			CertificateFactory certFactory = CertificateFactory
					.getInstance("X.509");
			// 获取证书
			X509Certificate cert = (X509Certificate) certFactory
					.generateCertificate(new ByteArrayInputStream(sigs[0]
							.toByteArray()));
			// 可根据证书发行者来判断该应用是否被二次打包（被破解的应用重新打包后，签名与原包一定不同，据此可以判断出该应用是否被人做过改动）
			certMsg[0] = cert.getIssuerDN().toString();  //证书发行者
			certMsg[1] = cert.getSubjectDN().toString(); 
		} catch (CertificateException e) {
			e.printStackTrace();
		} catch (Exception e) {
			e.printStackTrace();
		}
		return certMsg;
	}

}
